Latest Intelligence
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automati...

GitHub Internal Repositories Breached Via Weaponized VS Code Extension
GitHub confirmed a significant security breach on May 18, 2026, after attackers leveraged a weaponized Visual Studio Code extension to compromise an employee...

Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys
A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333, exposes a serious local privilege escalation flaw that has remained undetected for near...

Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
The bugs could be exploited to elevate privileges to System or create a denial-of-service (DoS) condition.

New Microsoft Defender 0‑Days Actively Exploited in the Wild
Two newly disclosed Microsoft Defender vulnerabilities are being actively exploited in the wild, enabling local attackers to elevate privileges to SYSTEM and po...

BadIIS Malware Hijacks IIS Servers and Redirects Users to Illicit Sites
A dangerous piece of malware known as BadIIS has been actively targeting Internet Information Services (IIS) web servers, quietly hijacking them and redirecting...

Google’s Surge in Chrome Vulnerability Discoveries Likely Driven by AI
More than 200 vulnerabilities patched in recent Chrome releases are marked as ‘reported by Google’.

Critical Cisco Secure Workload Vulnerability Enables Unauthorized API Access
Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain unauthorized access to ...

Critical Drupal Core Security Vulnerability Exposes Websites to Cyberattack
A highly critical security vulnerability in Drupal core is set to impact websites worldwide, with the official security release scheduled for May 20, 2026. The ...

Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility
New vulnerabilities are being discovered too fast, the time-to-exploitation is too short, and our visibility into them is largely lacking.

New NGINX 0-Day RCE “nginx-poolslip” Affects Millions of NGINX Servers
A newly disclosed zero-day remote code execution (RCE) vulnerability, dubbed nginx-poolslip, has been identified in NGINX version 1.31.0, the latest stable rele...

Microsoft warns of new Defender zero-days exploited in attacks
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks.

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as ...

WantToCry Ransomware Abuses SMB Services to Remotely Encrypt Files
A ransomware strain called WantToCry has been targeting businesses by abusing a widely used file-sharing protocol to encrypt files without dropping any malware ...

GitHub links repo breach to TanStack npm supply-chain attack
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last ...

Two U.S. Executives Plead Guilty in India-Based Tech-Support Fraud Schemes
Two former executives of a U.S.-based call routing and analytics company have pleaded guilty to federal charges for knowingly enabling India-based call centers ...

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned ...

New GhostTree Attack Causing EDR Products to Hang and Leave Files Unscanned
A novel evasion technique called GhostTree exploits NTFS junctions to create recursive directory loops. Uncovered by Varonis Threat Labs, this method tra...

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code e...

Claude Code’s Network Sandbox Vulnerability Exposes User Credentials and Source Code
Anthropic’s Claude Code AI coding assistant harbored a critical network sandbox bypass for over five months, allowing attackers to exfiltrate credentials,...